New Ransomware Hybrid Steals Bitcoins

As if the threat of ransomware were not growing fast enough, we now have another peril to consider in relation to the malware: the ransomware hybrid, Cryptxxx. According to KnowBe4, Reveton, the cyber gang that competes with Locky, is behind the new danger to our systems.

Discovered by researchers at Proofpoint earlier this month, Cryptxxx spreads through your system via the Angler Exploit Kit and infects the machine with Bedep Trojans, giving hackers access to the machine to add the new .crypt encryption. From there, the system is vulnerable to multiple threats, including:

  • The demand to provide an estimated amount of $500 in Bitcoins to unlock files
  • The loss of large amounts of data stored on the system
  • The theft of any Bitcoins previously reserved for use

Additionally, Cryptxxx uses a specific execution pattern to confuse victims at the time the ransomware is contracted. KnowBe4 reported that the criminals attempt to avoid ransomware detection through randomly delayed execution: the files are encrypted a short time after the PC is infected.

So, what can we do to prevent this, or at the very least, protect our systems? Earlier this week, we posted a 4-step blog post on protecting our systems: educating ourselves on the threat, backing up system data, using advanced endpoint whitelisting technology, and updating applications and the operating system. However, if steps are not taken to avoid this ransomware, we are often in a situation where it may be better to consider paying the thief the ransom to retrieve the files.

Luckily, a decryptor was created to crack down on the problem. However, for the decryptor to work, you must have at least one original file backed up. In response, take the needed steps to protect your system in the case of an attack. If at any point you find your system subject to the hybrid or any ransomware, contact your anti-virus service provider to report the activity and infection.


3 thoughts on “New Ransomware Hybrid Steals Bitcoins”

  1. I trust PC-Matic. When my system boot up takes longer than normal, I run my Scan from PC-Matic. My computer then boots up faster than it ever did with any other security program protecting my computer. Thank you for the idea of Whitelisting, very smart.

  2. As a person who exploits vulnerabilities in security devices for a living, it appears to me that it's time to give the ransomware folks a taste of their own foibles. Develop fake bitcoins that infect the ransomware folks' computers with an electronic bitcoin emulation having no cash value.
